TORONTO - Infidelity website AshleyMadison.com, which has been struggling to launch a London IPO, can kiss goodbye plans for a listing this year, banking sources said on Tuesday, as hackers threatened to publish names and salacious details about its clients unless the website shuts itself down.
The website's Canadian parent hoped to raise up to US$200 million (S$273 million) by listing its shares in London this year, five years after a lack of investor appetite caused it to cancel an attempt to list at home.
Hackers threatened to leak nude photos, sexual fantasies, real names and credit card information for as many as 37 million customers worldwide of Ashley Madison, which uses the slogan: "Life is short. Have an affair."
The data breach, bad for any company that has a repository of confidential customer data, could be disastrous for one whose business model is based on complete confidentially.
"The doomsday scenario for Ashley Madison is if the hackers take all the names and addresses, correlates them to real people and prints addresses and phone numbers. That will kill it," said a Canadian investment banker, who asked not to be named.
With more than 37 million members worldwide, Ashley Madison claims to be the world's second-largest dating website. Only Match.com, owned by media mogul Barry Diller's IAC/InterActive Corp, is bigger.
Avid Life Media, the parent company of Ashley Madison and websites such as Cougarlife.com and EstablishedMen.com, values itself at US$1 billion.
It reported revenue of US$115 million in 2014, up 45 per cent from the preceding year.
"Of course they're going to have to put any IPO plans on ice. It will be at least a few months before any banks would consider touching it," said a second Canadian investment banker.
"I don't think this kills the company, unless all the data eventually gets leaked."
Long before it explored a listing in Europe, Avid Life had reached out to Toronto's GMP Securities about a listing in Canada, but the idea failed to gain traction, two banking sources said.
"The thought was that there was reputational risk, so the IPO never happened," said one of the bankers who declined to be identified because he was not authorised to speak to media.
The banker said that because of those concerns the valuation was less than other businesses on the Internet and in the tech industry.
"Over the years, they tried to do a lot of things to try to monetise the asset," the banker said.
"Ultimately, they decided to just hang on to it, as opposed to try to sell it. Investment bankers wrestled with it because it's a very, very profitable business."
Avid Life spokesman Paul Keable said it was too early to estimate the damage to the company's business model or IPO plans from the breach.
The company has not commented on whether it would shut down in the face of the hackers' threat.
The website allows members to access some basic features for free, but charges to send or receive messages, photographs and gifts.
Female members are allowed to send "collect messages"that male members must pay for in order to read them.
It also offers a US$19 full delete option for people to remove their profiles. That claim appeared to have incensed the hackers who insisted that clients cannot fully delete personal data.
The site allows members to sign up without disclosing personal information such as their name, telephone number or home address.
However, the hackers allege that information is available from credit card payments.
Avid Life said it had since secured the site and was working with law enforcement agencies to trace those behind the attack. It also said it is convinced the hackers were formerly connected to the company.
Crisis communications experts said Avid Life had made a smart move in quickly saying it may know who was behind the hack, removing some uncertainty from the situation for its clients.
Still, Wells Fargo analyst Gray Powell said in a note Tuesday that the hack will create remediation costs and may expose Avid Life to potential legal issues.
"While this is clearly a unique case, the Ashley Madison breach demonstrates that security is about more than just budget dollars and that lost customer data can dramatically impact business plans, brand perception and even company valuations," he said.